Skip to main content

ICS Device CVE-2026-42953

| EUVDEUVD-2026-42120 HIGH
Out-of-bounds Write (CWE-787)
2026-07-07 ics-cert@hq.dhs.gov GHSA-r42h-hrr3-8vrv
8.4
CVSS 4.0 · Vendor: hq
Share

Severity by source

Vendor (hq) PRIMARY
8.4 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.8 HIGH

Local file-parsing flaw needing a user to open malicious content, so AV:L and UI:R with PR:N; successful code execution yields full C/I/A on the affected host.

3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (hq).

CVSS VectorVendor: hq

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
A
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 07, 2026 - 22:30 vuln.today

DescriptionCVE.org

The application contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution.

AnalysisAI

Arbitrary code execution via an out-of-bounds write (CWE-787) affects an industrial control system product covered by CISA ICS advisory ICSA-26-188-06, where an attacker can corrupt memory past an allocated buffer to run code in the context of the affected application. The CVSS 4.0 vector (AV:L/UI:A) indicates the flaw is triggered locally and requires a victim to actively interact - consistent with opening a malicious file or project in engineering/HMI software. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious ICS project/data file
Delivery
Deliver to operator via email or USB
Exploit
Victim opens file in affected app
Execution
Out-of-bounds write corrupts memory
Impact
Execute arbitrary code on workstation

Vulnerability AssessmentAI

Exploitation Exploitation requires local delivery of malicious content and active user interaction (CVSS AV:L, UI:A): a legitimate operator or engineer must open or process an attacker-supplied file/project/input in the affected ICS application. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score is 8.4 (High), driven by full compromise of the vulnerable system (VC:H/VI:H/VA:H) with low attack complexity and no privileges required - but critically, the vector is AV:L (local) and UI:A (active user interaction required), meaning this is NOT a remotely-reachable, unauthenticated network exploit. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious project, configuration, or data file that triggers the out-of-bounds write when parsed, then delivers it to an engineer or operator (e.g., via email, USB, or a shared repository). When the victim opens the file in the affected ICS application on their workstation, the corrupted memory write executes attacker-controlled code in the context of that application. …
Remediation Apply the vendor-provided update referenced in CISA advisory ICSA-26-188-06 (https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-06); no exact fixed version was included in the source data, so confirm the patched release directly from that advisory. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify systems running the affected ICS product per CISA ICSA-26-188-06; contact vendor for patch timeline; notify engineering teams of attack vector. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-42953 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy